d680a8bd002327326b2ba12e02ed6c6d

Sharing

Copy URL Twitter E-mail

General

Target

d680a8bd002327326b2ba12e02ed6c6d
Size

236KB
MD5

d680a8bd002327326b2ba12e02ed6c6d
SHA1

61a026fb8147156b64a907f72594c1e6458b77a4
SHA256

3d860400c95be5316c05c758adc0c0c6f7f64832744946eef7f44c905d399330
SHA512

a2aca623360585e26b2ee506341d711db4c0358f6261595ff56c587631ad69d32e611c46bd92905538531fecc346f9133c39519f22b45c3e3aa0889c309d1942
SSDEEP

6144:XmKPdg35Vqdz+du+PPK93jCDwcTS5dQmEXko:2ydg35AYdrPPCCv0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d680a8bd002327326b2ba12e02ed6c6d

Files

d680a8bd002327326b2ba12e02ed6c6d
.dll windows:4 windows x86 arch:x86

518f35b09e39b7ae1023614bd02fe15e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString

kernel32

lstrcmpW
lstrlenA
lstrlenW
AddAtomW
CreateEventW
CreateFileW
DeleteAtom
ExitProcess
MulDiv
MultiByteToWideChar
SetThreadPriority
SetUnhandledExceptionFilter
TerminateProcess
LoadLibraryExW
LoadLibraryExA
GetCommandLineA
GetCurrentThreadId
GetDateFormatW
GetLastError
GetModuleHandleA
GetShortPathNameW
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomW
GlobalAlloc
GlobalFree
GlobalGetAtomNameW
HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryW

comdlg32

ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

shell32

ShellExecuteExW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW
DragFinish
ShellAboutW

shlwapi

PathFindFileNameW

msvcrt

setlocale
memmove
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit
wcscmp
__wgetmainargs
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__dllonexit
__CxxFrameHandler
_XcptFilter
wcscoll
wcslen
wcstod
_adjust_fdiv
_c_exit

gdi32

ScaleWindowExtEx
Rectangle
RectVisible
PtVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetBkColor
ExtTextOutW
Escape
DeleteObject
DPtoLP
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC
BitBlt
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
SelectObject

user32

EnableWindow
FindWindowW
GetActiveWindow
GetAsyncKeyState
WinHelpW
GetDC
CharToOemBuffA
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
GetMonitorInfoW
CallNextHookEx
SendMessageW
SetCursor
SetFocus
SetRect
UpdateWindow
DefWindowProcW

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

Exports

Exports

D3D10ResourceSetMapFlags
EnumDevicePropertyNext
EnumMCCustomCapReset
GetErrorLog
GetFunctions_i
GraphicsUnregisterResource
SetDoubleForDevice
ThreadExit
UnFocusRAWObject

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

518f35b09e39b7ae1023614bd02fe15e

Headers

File Characteristics

Imports

ole32

kernel32

comdlg32

shell32

shlwapi

msvcrt

gdi32

user32

advapi32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 152KB

.data Size: 72KB - Virtual size: 124KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 152KB - Virtual size: 152KB

.data
Size: 72KB - Virtual size: 124KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB